Kudos Tom for taking onboard the feedback & re-testing NextDNS. Your assessment is totally fair, there are trade-offs here, but the blocking results do speak to the benefit of their service, over free options at least.
@erichly Жыл бұрын
The speed and attentiveness of thoughtfully following up so quickly is amazing 👍
@iblackfeathers Жыл бұрын
now that was more of the outcome i was expecting from nextdns. :) thanks for the transparency.
@MichielKlaver Жыл бұрын
If you are concerned about NextDNS Privacy, they do provide an option on the settings page to completely disable any logging, or have them stored in Europe under strict privacy ruling.
@murtadha96 Жыл бұрын
In Switzerland too.
@JimmyArogen Жыл бұрын
Europe does NOT have strict logging laws. Those only apply for select private companies. In marxist Sweden ISPs are even taken to court by the oppressive vile EU if the ISP does not map everything the user does and save the data for years.
@softwelveone11 ай бұрын
wondering out loud here... with different states having different laws (I'm in California thank goodness, with strict privacy laws...) nextDNS doesn't ask for my email address or have different privacy rules for this state which tells me they don't store anything or sell anything to 3rd parties... and they clearly state that on there webpage...
@Bond20255 ай бұрын
@@murtadha96 Being in Switzerland doesn't help you! If Law Enforcement want the details they will be given them. GCHQ and NSA help themselves without asking anyway,
@BOZ_11Ай бұрын
5 eyes buddy. Western countries are on entity as far as the internet is concerned.
@consecratedtech Жыл бұрын
This is why I trust you!!!! you care about everyone being in the know! That is some awesome results. Quad 9 is still the best easy, go to of mine as well. NextDNS is for specific use cases or locking down my home net because the kids LOL.
@jfkastner Жыл бұрын
Thank you for taking the time to re-test!
@Marc.Google5 ай бұрын
Thanks for re-running this test!
@firebodybuilder Жыл бұрын
another point to note for average home/SMB users is that, the free tier of NextDNS is limited to 300,000 queue per month. After that queues are not filtered. Take myself as an example, I would used up the quota within 2 weeks.
@Katchi_ Жыл бұрын
Liar. There are not that many porn sites and results stay cached in your local DNS. Unless you are not caching anything (which is dumb).
@firebodybuilder Жыл бұрын
@@Katchi_ you understand that everyone has different use case and settings, right? Just others have different case from you doesn’t make them liars
@wile123456 Жыл бұрын
Yea the non-profit of quad9 is what makes me choose it. Also NextDNS is based in the USA with NSA and all the issues that come from that country with terrible privacy laws.
@rickross4337 Жыл бұрын
I used it up in 2-3 weeks with just my phone connected.
@Bond202511 ай бұрын
@@rickross4337 I have 11 devices running and so far this month I have 18,864 queries to NextDNS, so i never exceed the amount. AdGuardHome has a cache too.
@Jrdzpr Жыл бұрын
Nice work
@AlNemec Жыл бұрын
Your argument is sound but I wanted to point out that in nextdns you can configure how long logs are retained in the settings tab. Not sure how much someone could mine if I set mine retention to only 1 hour.
@ZachLoggins Жыл бұрын
NextDNS does have where you can minimize the logs down to 1 hour which I find useful in case I need to check for something that was blocked and need to allow.
@Squirrel-ts7bb Жыл бұрын
One point worth noting, if you’re required to register the IP you will be querying from, that’s going to immediately make it a non starter for a lot of the homelab folks and such as they likely won’t have a fixed IP address.
@AlNemec Жыл бұрын
Most people (such as myself) have DDNS configured in my homelab so this was super easy to address
@MichielKlaver Жыл бұрын
IP address registration only needed for clients using classic DNS over UDP (port 53) over IPv4. For IPv6 your customer identifier is part of the last bits of the DNS server address. NextDNS also provides endpoints for DNS-over-TLS/QUIC (DoT) and DNS-over-HTTPS (DoH) where the identifier is part of the URL.
@ralecgos363111 ай бұрын
Really good and fair video. Thanks for this!
@phototristan10 ай бұрын
NextDNS is still a for profit company, although I don't know if they sell the aggregated data, they can/do hold it. I prefer Quad9, nonprofit, they don't hold data.
@kenzieduckmoo Жыл бұрын
after watching the video i got curious and checked in my own network's DNS settings. Found that firefox uses DoH now and no obvious way to switch it (and i didnt care enough to really dig into that) so makes me wonder how effective changing the DNS on the router is anymore
@pedromain Жыл бұрын
DoH on Firefox uses your DNS of choice. If you choose Cloudlfare on your router, then FF will try to conect to Cloudflare's DoH DNS servers, If you choose quad9 same. If he can't connect via DoH he will use your plain default port 53 DNS.
@wile123456 Жыл бұрын
You can switch it, its under the privacy and security. Turning it off it will use your PC/Router DNS settings. They offer NextDNS in their DNSoverHTTPS service, but not quad9, so i turn it off.
@wile123456 Жыл бұрын
@@pedromain Sadly quad9 isn't slectable in my country for firefox
@DownandOutNYC Жыл бұрын
If in the end, the concerns are protection AND privacy, why not just go with a local Unbound dns server in recursive mode and/or a Pi-hole with whatever blocklists you would need?
@Zedris Жыл бұрын
I would wonder how mulvad falls into this bunch? From a privacy and security scope
@lordofthemound389010 ай бұрын
I used to use Mullvad’s “base” encrypted DNS but found that it was blocking sites I had a legitimate need for. I’ve since switched between Quad9 and AdGuard, though I haven’t definitively settled on one or the other.
@omgg4031 Жыл бұрын
I'm currently using controld
@naifaltamimi2885 Жыл бұрын
false positive is as important as true positive.
@andrebrait Жыл бұрын
Yes. Especially if you want the solution to pass the Family test i.e. "Google Shopping got blocked and now my wife is angry because she can't open the link to the ad she saw and actually wanted to buy" and other things like that.
@jacksoncremean1664 Жыл бұрын
This, you can have a 100% detection rate, but that doesn't mean anything if the FP rate is 100%.
@jkbobful29 күн бұрын
Can you test Control D DNS and Mullvad DNS
@Kirigaya__Yuuki Жыл бұрын
What about "Cloudflare gateway" with firewall rules to block more stuff?
@jacksoncremean1664 Жыл бұрын
You'd likely get a similar result to nextdns, about 100% block rate.
@wildyato373710 ай бұрын
@jacksoncremean1664 it is pain when each time you need to reconfigure and link yourself
@BYou-ws6bu10 ай бұрын
With NextDNS, you can select to delete queriers/logs after 7 days and store your data in a territory with higher regulations when it comes to data privacy.
@ldnzz Жыл бұрын
Thank you
@DonClark8 ай бұрын
Could you share the final (or live) list that you are blocking please?
@ejlagunsad8 ай бұрын
Is there same pricing of Cloudfare with Nextdns pro?
@adamzan7 Жыл бұрын
For the small difference, I'll stick with quad 9. We give up enough of our data these days.
@iamrage4753 Жыл бұрын
not testing ControlD??
@LAWRENCESYSTEMS Жыл бұрын
The script is in my forums, feel free to test all the DNS services you are interested in.
@Michael-uo4jj4 ай бұрын
Damn nextdns is truly next level would still prefer quad9 personally because free and its good enough and way more than any standard user would do with a server in Toronto i get better ping than with a Google dns anyway
@Doctortech121 күн бұрын
What is better for Firefox dns mullvad vs quad9
@LAWRENCESYSTEMS20 күн бұрын
I use QUAD9
@Doctortech120 күн бұрын
@LAWRENCESYSTEMS but is that safer then mullvad dns and for PRIVACY?
@craven3190 Жыл бұрын
I will stick with quad9.
@Bond20255 ай бұрын
And not block any trackers, affiliate links or advertising - excellent choice. Q9 doesn't block them...read the T&Cs.
@Mkoxc27 күн бұрын
@@Bond2025and which is your choice?
@meshuggah245 ай бұрын
NextDNS allows you to turn logs off though. This would pretty much fix your issues with them wouldn't it?
@LAWRENCESYSTEMS5 ай бұрын
As long as you trust them to actually turn off the logging.
@meshuggah245 ай бұрын
@@LAWRENCESYSTEMS True enough!
@ampeg1875 ай бұрын
Samo goes for quad9 or any other provider, you dont really know what logs they keep
@LAWRENCESYSTEMS5 ай бұрын
@@ampeg187 Except that Quad9 does not have any info on you except for what IP address you came from.
@EsperLeon7306 ай бұрын
Here you pop up again, Hello 🤙
@HexPortal Жыл бұрын
Of course everything is blocked in your test as NextDNS queries that blocklist every 5 minutes by their threat intelligence feeds...
@angelgonzalez2379 Жыл бұрын
Quad9 looks like the choice for me.
@juapАй бұрын
when someone try to convince me to use their services, then i choose the one who dont give a fck if you use it or not, because is open source and they know for sure is better...
@simonpalmer123 Жыл бұрын
It would be interesting to get an ip onto these malicious lists, and try and remove it...
@MichielKlaver Жыл бұрын
An alternative to NextDNS would be to run your own PiHole somewhere in the cloud, then you are the only one in charge of the logs!
@jacksoncremean1664 Жыл бұрын
There aren't many good threat feeds that are freely available, so you have to use another DNS service with threat feeds for good detection.
@Bond20255 ай бұрын
If it is hosted by a company, they are forced to hand over the data.
@cpuuk Жыл бұрын
Fully agree, by registering yourself you are now personally identifiable, ergo you are now eligible to have your data sold.... and they WILL sell it.
@cyborg-yj6iu8 ай бұрын
didn't know that .top domains are used for malicious purposes
@elicohen6734 Жыл бұрын
He tested only unencrypted DNS with IP pinning and ignored the ability to not create any logs or on choosen logging location. This review was pretty much superficial, even NextDNS nailed it by blocking everything.
@wile123456 Жыл бұрын
If you care about privacy, having to provide email and ip-address kinda goes against the entire thing though.
@wildyato373710 ай бұрын
@@wile123456I just want automatic linking system ,not manually link that each time...
@RonVichar10 ай бұрын
Wireguard, pihole, + quad 9. I think next dns is ok for on device vanilla style ad blocking if you don’t have a vpn or pihole, but it comes at the price of KYC unless you have an alt ID
@finalsak Жыл бұрын
Now do Control D
@wildyato373710 ай бұрын
It is costly!
@finalsak10 ай бұрын
@@wildyato3737 It costs the same.
@pbrigham Жыл бұрын
So basically before, you use NextDNS for a test with out a single clue of what was NextDNS, ok, if this is the methodology that you use to test stuff we are in good hands, well, at least you are honest in recognising your mistakes. Thanks for the video.
@_Miner Жыл бұрын
I would partiallu blame NextDNS for that tbh. They state on their homepage try if now (no signup required) then give you the dns IP's. If you overlooked the link IP part then yeah its not going to work as expected. Although we have no idea if Tom linked the IP or not or didnt even click that page and just entered the DNS ips on his test machine.
@pbrigham Жыл бұрын
@@_Miner when he made the initial video, I immediately knew that he didn't had a clue what he was talking about, but he was so eager to praise Quad9 that he went for it anyway, and by the way I really like Quad9, I think he is correct, one of the best DNS services out there.
@tairikuokami10 ай бұрын
Every single DNS out there logs data, even no-log like Quad9 or Cloudflare, because of DDoS protection and they mention it in their Privacy Policy. The only difference is, how fast they remove logs, some after 2 hours, some after days. It is like arguing whether you should have Google/MS account, if you do not, they will log your data, if you do, you can remove it at your discretion.
@shadowtabbys2 ай бұрын
What you say account data retention, you can customize it including NO LOGGING. You failed to mention this.
@LevantinLynx Жыл бұрын
Absolutely horrific to register to a DNS provider 😮😢 No matter how well it works… if you have to sell your soul, it’s never worth it. There is absolutely no way they don’t track the request.
@wile123456 Жыл бұрын
Also they are a US company so they are less beholden to GDPR and as a non-US citizen the NSA has full reign to spy on your traffic if they request it from NextDNS
@RajarshiKhatua10011 ай бұрын
nextdns definately Freemium but it's Open Source, so no problem there
@wildyato373710 ай бұрын
Nah..it will be paid..thanks to AI.. at time passes Ai will be smart enough to figure out dangerous threats...and it is exclusive to NextDNS.. NOT other dns providers uses AI..
@_Thomas_Shelby_ Жыл бұрын
NextDNS is selling user data
@nehapotter28077 ай бұрын
Source?
@Chris_Cable Жыл бұрын
Who in their right mind would register their ip and email address with a company that can see every DNS query you're making? No thanks :)
@AlNemec Жыл бұрын
Any DNS server is going to see which IP you have as its part of the headers for the request you make every time you access a website.
@MichielKlaver Жыл бұрын
IP address registration is only needed in for IPv4 clients using classic DNS over UDP (port 53). E-mail can also be some anonymous throw-away address
@Bond20255 ай бұрын
you muppet, they all see your IP when you make a request!
@TheEquestriancolt11 ай бұрын
TRADING FREEDOM for SECURITY, In this CASE TRADING PRIVACY for SECURITY, and in the END YOU'LL HAVE NEITHER.
@tairikuokami10 ай бұрын
Pretty much everyone using any security product like AV, they run with system rights and gather and share all info.